Ubuntu 24.04 Unsupported SSL backend 'gnutls'
Closed this issue · 4 comments
The problem
In Ubuntu 24.04 curl and git by default build with gnutls library.
GitHub Desktop work only if set "sslBackend = openssl".
a) "sslBackend = openssl".
- GitHub Desktop works correctly
- Git client + VSCode fatal: Unsupported SSL backend 'openssl'. Supported SSL backends: gnutls
b) "sslBackend = gnutls".
- GitHub Desktop fatal: Unsupported SSL backend 'gnutls'. Supported SSL backends: openssl
- Git client + VSCode works correctly
I can use VS Code or Github Desktop. It is sad :(
Release version
3.3.12-linux2
Operating system
Ubuntu 24.04
Steps to reproduce the behavior
No response
Log files
No response
Screenshots
No response
Additional context
No response
GitHub Desktop work only if set "sslBackend = openssl".
What error does GitHub Desktop report when you omit the sslBackend config? Can we leave it up to the tools to figure out what backend they prefer without having to set this at the repository level?
In theory at least GitHub Desktop should be standalone (aside from the packages and shared libraries it needs related to curl) but I haven't yet tried to run this on 24.04 so I'm curious how this is breaking.
I checked. If don't set the "sslBackend" option, then VSCode/GitHubDesktop work fine for public repositories.
But I have some private repositories that need "sslBackend = gnutls" option.
I don’t know why, maybe an old SSL algorithm, but in any case, I can't affect it.
curl --version
curl 8.5.0 (x86_64-pc-linux-gnu) libcurl/8.5.0 OpenSSL/3.0.13 zlib/1.3
brotli/1.1.0 zstd/1.5.5 libidn2/2.3.7 libpsl/0.21.2 (+libidn2/2.3.7)
libssh/0.10.6/openssl/zlib nghttp2/1.59.0 librtmp/2.3 OpenLDAP/2.6.7
ldd /usr/bin/curl
libcurl.so.4 => /lib/x86_64-linux-gnu/libcurl.so.4 (0x00007f3102eb3000)
...
libssl.so.3 => /lib/x86_64-linux-gnu/libssl.so.3 (0x00007f3102ae5000)
libcrypto.so.3 => /lib/x86_64-linux-gnu/libcrypto.so.3 (0x00007f3102400000)
libgnutls.so.30 => /lib/x86_64-linux-gnu/libgnutls.so.30 (0x00007f3102059000)
...
ldd /usr/lib/github-desktop/github-desktop
...
libgnutls.so.30 => /lib/x86_64-linux-gnu/libgnutls.so.30 (0x00007207b7dbe000)
...
I can provide more information, but I think it's something you need to touch with your hands, if you have the time.
In Ubuntu 24.04 curl and git by default build with gnutls library.
On this one, I wanted to understand what version of libcurl is installed. The package is likely matching on libcurl4
desktop/script/package-debian.ts
Line 63 in 3d20d0d
But I don't see a libcurl4 match for Noble (24.04) in the package registry so I'm curious what version you do have
These are all the openssl flavour, which is expected.
I also checked the main curl package for noble and it too is the openssl variant.
But I have some private repositories that need "sslBackend = gnutls" option.
Any details you can share about the server these repositories are hosted on? I can't rule out ciphers missing, but often some servers have custom certificates which may not be registered in the correct spot (which you can workaround in Git with the http.sslCAInfo variable to point git to your bundle).
Setting GIT_CURL_VERBOSE=1 and interacting with the remote would help to surface how the TLS failure occurs, which may help narrow down the options to thread the needle here...
Thank you for your issue!
We haven’t gotten a response to our questions above. With only the information that is currently in the issue, we don’t have enough information to take action. We’re going to close this but don’t hesitate to reach out if you have or find the answers we need. If you answer our questions above, this issue will automatically reopen.